package com.panda.interfaceproject.controller;

/**
 * @Author pansd
 * @Date 2025-07-31 13:21
 * @Des
 */

import com.panda.sdk.model.User;
import com.panda.sdk.utils.SignUtil;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

/**
 * 名称 API
 *
 * @author yupi
 */
@RestController
@RequestMapping("/username")
public class UserNameController {
    @GetMapping("/getNameByGet")
    public String getNameByGet(String name) {
        return "GET 你的名字是" + name;
    }

    @PostMapping("/getNameByPost")
    public String getNameByPost(@RequestParam String name) {
        return "POST 你的名字是" + name;
    }

    @PostMapping("/getUserNameByPost")
    public String getUserNameByPost(@RequestBody User user) {
        return "POST 用户名字是" + user.getUsername();
    }


    @PostMapping("/userWithSecrectKey")
    public String getUserNameByPost(@RequestBody User user, HttpServletRequest request) {
        String accessKey = request.getHeader("accessKey");
        String secretKey = request.getHeader("secretKey");
        if (!accessKey.equals("panda") || !secretKey.equals("abcdefg")) {
            throw new RuntimeException("无权限");
        }
        return "POST 用户名字是" + user.getUsername();
    }


    @PostMapping("/getUserNameByPostWithSign")
    public String getUserNameByPostWithSign(@RequestBody User user, HttpServletRequest request) {
        // 1.拿到这五个我们可以一步一步去做校验,比如 accessKey 我们先去数据库中查一下
        // 从请求头中获取参数
//        String accessKey = request.getHeader("accessKey");
//        String nonce = request.getHeader("nonce");
//        String timestamp = request.getHeader("timestamp");
//        String sign = request.getHeader("sign");
//        String body = request.getHeader("body");
//
//
//        if (!accessKey.equals("panda")) {
//            throw new RuntimeException("无权限");
//        }
//
//        // 校验随机数,模拟一下,直接判断nonce是否大于10000
//        if (Long.parseLong(nonce) > 10000) {
//            throw new RuntimeException("无权限");
//        }
//
//        // 4.校验时间戳与当前时间的差距,交给大家自己实现
////        if (timestamp) {}
//        String serverSign = SignUtil.genSign(body, "abcdefg");
//        if(!sign.equals(serverSign)){
//            throw new RuntimeException("签名不对，无权限");
//        }

        return "POST 用户名字是" + user.getUsername();
    }

}
